Loading...

Linking RHIVOS CVEs to...

Migration: Automation ...

RHELPRIO AssignedTeam ...

SWIFT: POC Conversion

Sync from "Extern...

XML

Word

Printable

Type: Task
Resolution: Unresolved
Priority: Major
Fix Version/s: None
Affects Version/s: None
Component/s: qemu-kvm / General
Labels:
None

Target Version:

rhel-10.2

AssignedTeam:
rhel-virt-core

Story Points:
None
Blocked:
False
Blocked Reason:

Hide

None

Show
None

Planning:
None

To support hybrid mode for PQC, the TLS library (GNUTLS for QEMU) must be provided multiple distinct sets of certificates. One set using classic DSA algorithm, and one set using ML-DSA algorithm.

This requires calling gnutls_certificate_set_x509_key() with different pem files loaded, which is not something QEMU is currently able to do.

This task tracks the downstream backport

blocks

RHEL-125931 QE Test support for loading multiple sets of x509 certificates for PQC hybrid mode

is blocked by

RHEL-125928 Upstream support for loading multiple sets of x509 certificates for PQC hybrid mode

Closed

is depended on by

RHEL-111934 Support loading multiple sets of x509 certificates for PQC hybrid mode

In Progress

Assignee:: Daniel Berrangé

Reporter:: Daniel Berrangé

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Created:: 2025/11/03 1:53 PM

Updated:: 2025/11/11 5:27 PM

Stale Date:: 2026/10/29

Target end:: 2026/02/17

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates

Hide